
#-----------------------------------------------------------------------
# Copyright (C) 2000-2001, Jean-Sebastien Morisset <jsmoriss@mvlan.net>
#-----------------------------------------------------------------------
# $Id: trinityv3-root-shell,v 1.4 2001/08/11 17:01:21 jsmoriss Exp $
#-----------------------------------------------------------------------
# README
#-----------------------------------------------------------------------
#
# When the Trinity v3 DoS Tool is installed, it creates a root-shell
# on port 33270. We specifically block this port here (TCP connects)
# to prevent later services (like FTP passive) from making this port 
# available.
#
# To install, copy this file to /etc/firewall-modules/public/block-high-
# ports/trinity-root-shell. There's no need to execute rc.firewall with 
# the --update-config parameter.
#
#-----------------------------------------------------------------------
# START OF MODULE CODE
#-----------------------------------------------------------------------

echo "Deny $INTOPT $NETADDR Trinity v3 Root-Shell <- $ANY (logged)"
ipchains -A $INCHAIN -j DENY -p tcp -y -s $ANY -d $NETADDR 33270 -l

